Researchers: Attacks on U.S., Korea sites came from U.K.

A security firm in Vietnam says it has traced the origin of the denial-of-service attacks to the U.K., contrary to speculation that North Korea was the culprit.

The denial-of-service attacks launched on Web sites in South Korea and the United States earlier this month appear to have come from a master server in the United Kingdom, according to security researchers in Vietnam.

The master server controls all of the eight command and control servers involved in the series of distributed denial-of-service attacks that started on the July 4 weekend, security firm Bkis said in a blog posting on its Web site on Monday. Bkis said it gained control of two of the servers.

The Vietnamese firm estimated the number of compromised PCs involved in the attacks to be around 167,000 in 74 countries.

Botnet expert Joe Stewart of SecureWorks told CNET News that that number sounded high. Security experts had been estimating that there were 50,000 infected PCs in the botnet.

The attacks targeted dozens of government and commercial sites in the U.S. and South Korea, causing temporary outages at many of them.

Code on the compromised PCs was set to erase or overwrite data late last week but researchers in the U.S. were not aware of any reports of that happening.

Featured Video

iPad Pro after one week: Can it replace your laptop?

CNET Senior Editor Andrew Hoyle has been using Apple's gigantic tablet as his main computer for a week. Luke Westaway asks how it stacks up.

by Luke Westaway